Vulnerabilities > CVE-2019-12492 - Incorrect Authorization vulnerability in Gallagher Command Centre

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

HIGH

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

LOW

Availability impact

NONE

network

high complexity

gallagher

CWE-863

NVD

Published: 2019-06-06

Updated: 2021-07-21

Summary

Gallagher Command Centre before 7.80.939, 7.90.x before 7.90.961, and 8.x before 8.00.1128 allows arbitrary event creation and information disclosure via the FT Command Centre Service and FT Controller Service services.

Vulnerable Configurations

Part	Description	Count
Application	Gallagher Gallagher Command Centre 8.0 Gallagher Command Centre 8.00 Gallagher Command Centre 7.90.0 Gallagher Command Centre - Gallagher Command Centre 7.70 Gallagher Command Centre 7.80	6

Common Weakness Enumeration (CWE)

CWE-863 - Incorrect Authorization

References

https://security.gallagher.com/security-advisories
https://security.gallagher.com/CVE-2019-12492